What are cookies?
A cookie is a small text file that is stored on your computer or mobile device through the web browser when you visit and use 3 Story Software
There are two types of cookies that we use: session cookies and persistent cookies.
- A session cookie is stored temporarily on your computer or mobile device for as long as your browser is open. Therefore, session cookies are deleted when you close your browser.
- A persistent cookie is stored on your computer or mobile device until either it expires or is deleted from your browser cache.
Session cookies are mandatory for the application to work. Session cookies do not contain personally identifiable information. We use persistent cookies to enable use to remember things about you as a returning user. For example, the “Remember Username” option on the login page uses a persistent cookie to store your username. By checking that option, you give us consent to use that cookie and store it on your device. Auto-login links in emails also use persistent cookies. Each link is created specifically for a given user for a given object/activity. We want to make sure the auto-login link belongs to you when you use it.
How to control and delete cookies.
If you want to restrict or block the cookies we set, you can do this through your browser settings. However, restricting cookies will prevent you from using the application. You can delete existing cookies by clearing your browser cache.
Our Cookies
| Cookie Name | SameSite | Expires | Purpose | Data |
|---|---|---|---|---|
| Info | Lax | Session | Used to manage user authentication within the application. It is created when a user logs in and is required to maintain the authenticated session across requests. | Stores an encrypted authentication ticket. |
| Login | Lax | 10 Years | Needed to define, if a user name should be saved for the next login. | Contains the information if a user name should be saved for the next login and what it is the username. |
| ReturnUrl | None | Will be deleted after logging in or 5 minutes | Used during the login process to ensure that users are redirected to the appropriate page after successful authentication. | Contains the url to return the user. |
| SsoSession | None | Session | SessionID is used to identify a valid SSO login. | Contains the sessionID which is used to identify a valid login. Furthermore, when this ID was created in UTC. |
| SsoUsernameHint | None | Will be deleted after logging in or 5 minutes | Created when a service provider-initiated login is used. It stores the username entered by the user on the login page in order to support the authentication process. | Contains the username. |
| UserPreferences | Lax | 10 years | Used to store the most recently used search settings. | Contains search settings. |
| Antiforgery | Strict | Session | Needed to prevent Cross-Site Request Forgery (XSRF/CSRF) attacks on the Login Page. | Contains an individual antiforgery token. |
| __RequestVerificationToken | Lax | Session | Needed to prevent Cross-Site Request Forgery (XSRF/CSRF) attacks on regular pages. | Contains an individual antiforgery token. |
| __ExpressRequestVerificationToken | Lax | Session | Needed to prevent Cross-Site Request Forgery (XSRF/CSRF) attacks during Express Sessions. | Contains an individual antiforgery token. |
| LinkExternalCookie | Lax | 5 minutes | The cookie is used for temporary storage of authentication information, specifically for the "Link Accounts" feature | Stores temporary authentication data without overwriting the existing authentication cookie |